Encrypt email messages

When you need to protect the privacy of an email message, encrypt it. Encrypting an email message in Outlook means it's converted from readable plain text into scrambled cipher text. Only the recipient who has the private key that matches the public key used to encrypt the message can decipher the message for reading. Any recipient without the corresponding private key, however, sees indecipherable text. Outlook supports two encryption options:

S/MIME encryption - To use S/MIME encryption, the sender and recipient must have a mail application that supports the S/MIME standard. Outlook supports the S/MIME standard

Office 365 Message Encryption (Information Rights Management) - To use Office 365 Message Encryption, the sender must have Office 365 Message Encryption, which is included in the O365 E3 license.

Encrypting with S/MIME

Before you start this procedure, you must first have added a certificate to the keychain on your computer. Once you have your signing certificate set up on your computer, you'll need to configure it in Outlook.

Under Certificates and Algorithms, click Chooseand select the S/MIME certificate.

Choose OK

If you are an Office Insider with Office 365 subscription, here's what is new to you:

In an email message, choose Options, select Encrypt and pick Encrypt with S/MIME option from the drop down,

You'll see an Encrypt with S/MIME if you have an S/MIME certificate installed on your computer.

For Outlook 2019 and Outlook 2016,

In an email message, choose Options, select Permissions.

Finish composing your email and then choose Send.

Encrypt with Office 365 Message Encryption

If you are an Office 365 subscriber, here is what is new to you:

In an email message, choose Options, select Encrypt and pick the encryption that has the restrictions you want to enforce, such as Encrypt-Only or Do Not Forward.

Note: Office 365 Message Encryption is part of the O365 E3 license. Additionally, the Encrypt-Only feature (the option under the Encrypt button) is only enabled for subscribers (Office ProPlus users) that also use Exchange Online.

For Outlook 2019 and 2016,

In an email message, select Options > Permissions and pick the encryption option that has the restrictions you'd like to enforce, such as Do Not Forward.

Encrypt a single message

Encrypt all outgoing messages

When you choose to encrypt all outgoing messages by default, you can write and send messages the same as with any other messages, but all potential recipients must have your digital ID to decode or view your messages.

Encrypt all outgoing messages

When you choose to encrypt all outgoing messages by default, you can write and send messages the same as you do with any other messages. All potential recipients, however, must have your digital ID to decode or view those messages.

On the E-mail Security tab, under Encrypted e-mail, select the Encrypt contents and attachments for outgoing messages check box.

To change additional settings, such as choosing a specific certificate to use, click Settings.

Encrypt a single message

In the message, on the Message tab, in the Options group on the ribbon, click the Encrypt Message Contents and Attachments button
.

Note: If you don't see this button, click the Options Dialog Box Launcher in the lower-right corner of the group to open the Message Options dialog box. Click the Security Settings button, and in the Security Properties dialog box, select Encrypt message contents and attachments. Click OK, and then close the Message Options dialog box.

Compose your message and send it.

Encrypt all outgoing messages

Choosing to encrypt all outgoing messages means, in effect, your e-mail is encrypted by default. You can write and send messages the same as with any other e-mail messages, but all potential recipients must have your digital ID to decode your messages.

On the Tools menu, click Trust Center, and then click E-mail Security.